Legitimate E-Mail Or Phishing Attempt?

Legitimate E-Mail Or Phishing Attempt?

How To Thwart An E-mail Phishing Attempt

E-mail phishing attempts are on the rise thanks to advancements in virus and malware detection. These have slowed down the bad guys’ data mining and money-making attempts. As a result, they’re going back to basics.

Luckily, e-mail phishing has numerous tell-tale signs.

Links: Don’t Click ‘Em

Emailing phishing attempts usually include a link that might look legitimate. Slow down and check it before clicking it automatically.

Hover your mouse over it or copy and paste it into a text document. Once you have pasted the copied URL, you’ll see that hotlink has been edited. “Microsoft O365 Account Confirmation,” in example, will actually redirect you to some nefarious website. These are typically built to mimic that of a legitimate, branded website, but I can assure you that it is not.

This can happen with most big-name brands, such as Amazon, Apple, Microsoft, Google, etc. Don’t assume that an e-mail is definitely from the source you know until you double-check the link. Phishing is all about tricking you into giving up your details by gaining your trust.

Word Documents, PDFs, and Images, Oh My!

It’s not just links contained within e-mails that should be handled with caution. Criminals are now including links inside of PDFs.

They are also making the PDF seem as though they are protected or secure when, in fact, they are not. The same can also be applied to Word documents and images.

The main thing to keep in mind when clicking on attachments in an e-mail is whether or not you trust the sender. Is the sender a known co-worker, not a long lost relative or friend that you might have talked to once on social media? If you are unsure, call the supposed sender up and verify that they actually sent the e-mail.

“Sign this document so we can get paid!”

Another e-mail phishing attempt is signing a document for an everyday legitimate reason, but which would never be handled over e-mail or from a website. Maybe you’re not even the person that is authorized to sign off on such a document.

These attempts can also extend to e-mails demanding payment or approval for a project. The e-mail bodies or titles typically use fear tactics to push you into action, such as threatening a service shut-off or sending the bill to collections. They target the people who will send off the invoice to Accounts Payable to process or who will pay a balance immediately without researching the bill.

The above strategies have been around for years and they’re gaining popularity again because they work. And they work well, at that. While other hacking attempts are blocked, hackers can count on human error to release the information they want. Don’t let yourself get caught up in identity theft or an encrypted drive. Double-check links and e-mails, don’t give up info unless you verify the source, and be wary of attachments if they aren’t from someone you know. Slowing down and staying aware can save you a headache down the line and keep your computer clean.

About the author

Ron Cochran is Senior Help Desk Technician at Tech Experts.

About Tech Experts

Tech Experts is southeast Michigan's leading small business computer support company. A Microsoft Certified Partner, Tech Experts is your one-stop IT service company, offering "No Problem Support" to more than 200 businesses and individuals throughout the southeastern Michigan, Metro Detroit, and northwestern Ohio areas.